passkey: avoid an infinite loop in cares in authentication of passkey #55
Conversation
madhuriupadhye
force-pushed
the
new_run_su
branch
2 times, most recently
from
ba1cfe7 to
d0e4276
Compare
madhuriupadhye
force-pushed
the
new_run_su
branch
5 times, most recently
from
f105115 to
2f8ee23
Compare
|
Hi, I added
The code should look like: def passkey(...):
...
self.fs.copy("passkey_child", "passkey_child.orig")
self.fs.write("passkey_child", "...passkey child contents")
run_su = ... (we probably do not need to restart sssd anymore)
playback_umockdev = ...
run expect ...
# Now this is probably not needed in passkey case, but if we want to restore the files immediately so original files are used for the rest of the test
self.fs.restore("passkey_child") |
madhuriupadhye
force-pushed
the
new_run_su
branch
4 times, most recently
from
3dfd749 to
ef06845
Compare
|
@pbrezina the restore function doesn't work, and I think that's the issue Madhuri is facing. I created a simple test case to test this functionality: @pytest.mark.topology(KnownTopology.LDAP)
def test_files_provider__example(client: Client, provider: GenericProvider):
client.fs.copy("/usr/libexec/sssd/passkey_child", "/usr/libexec/sssd/passkey_child.orig")
client.host.ssh.exec(["rm", "/usr/libexec/sssd/passkey_child"])
client.fs.restore("/usr/libexec/sssd/passkey_child")
passThe copy works correctly, and I can find a file called |
You did not backup @pytest.mark.topology(KnownTopology.LDAP)
def test_files_provider__example(client: Client, provider: GenericProvider):
+ client.fs.backup("/usr/libexec/sssd/passkey_child")
client.fs.copy("/usr/libexec/sssd/passkey_child", "/usr/libexec/sssd/passkey_child.orig")
client.host.ssh.exec(["rm", "/usr/libexec/sssd/passkey_child"])
client.fs.restore("/usr/libexec/sssd/passkey_child")
pass
|
|
In the example from #55 (comment) |
madhuriupadhye
force-pushed
the
new_run_su
branch
3 times, most recently
from
3045808 to
8adadcc
Compare
After the backup, it worked as expected. Thank you! |
madhuriupadhye
force-pushed
the
new_run_su
branch
from
8adadcc to
4d974ab
Compare
madhuriupadhye
force-pushed
the
new_run_su
branch
7 times, most recently
from
053afb6 to
ce70672
Compare
|
Please, let me know when it is ready for final review. |
madhuriupadhye
force-pushed
the
new_run_su
branch
from
ce70672 to
e2b88b4
Compare
Yes, Done with my changes, please check again. |
madhuriupadhye
force-pushed
the
new_run_su
branch
from
e2b88b4 to
83646c1
Compare
madhuriupadhye
changed the title
madhuriupadhye
changed the title
Yes. @madhuriupadhye can you add 18b47de but bump the version to 1.0.7 please? I will release next version of pytest-mh when remaining pull requests are merged. |
madhuriupadhye
force-pushed
the
new_run_su
branch
2 times, most recently
from
e9cb7fe to
4197b80
Compare
The issue is an infinite loop in cares. generate_unique_id() caused by 'LD_PRELOAD=/opt/random.so'. generate_unique_id() is calling arc4random_buf() and the loop in cares is keeping a list of old ids to avoid those. But arc4random_buf() is overwritten by random.so and always returns the same value and as a result the same id is always used and causes the infinite loop. To make the environment only available to passkey_child not to add those environment variable to /etc/sysconfig/sssd but rename passkey_child. Signed-off-by: Madhuri Upadhye <[email protected]>
The issue is an infinite loop in cares.
generate_unique_id() caused by 'LD_PRELOAD=/opt/random.so'.
generate_unique_id() is calling arc4random_buf() and the loop in cares
is keeping a list of old ids to avoid those. But arc4random_buf() is
overwritten by random.so and always returns the same value and as a
result the same id is always used and causes the infinite loop.
To make the environment only available to
passkey_child not to add those environment variable to
/etc/sysconfig/sssd but rename passkey_child.
Signed-off-by: Madhuri Upadhye [email protected]